A denial-of-service (DoS) attack is a type of cyber-attack in which the attacker seeks to make a machine or network resource unavailable to its intended users by disrupting services of a host connected to a network. The attack can be accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. There are two general methods of DoS attacks: flooding services or crashing services.
A distributed denial-of-service (DDoS) attack is a type of DoS attack that occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. DDoS attackers often use a botnet, which is a group of hijacked internet-connected devices, to carry out large-scale attacks. Attackers take advantage of security vulnerabilities or device weaknesses to control numerous devices using command and control software. Once in control, an attacker can command their botnet to conduct a DDoS attack on a target.
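
From the defender's side, the difference between a single-source flood and a distributed one shows up in how request counts are spread across sources. The following is an added example, not part of the original text: it classifies one time window of request records, and the function names, thresholds and sample addresses are all assumptions constructed for illustration.

```python
from collections import Counter

def classify_window(records, start, width=10, per_source_limit=50, total_limit=200):
    """Classify the requests seen in [start, start + width) seconds.

    records: iterable of (timestamp_seconds, source_address).
    The limits are illustrative assumptions, not recommended values.
    """
    counts = Counter(src for ts, src in records if start <= ts < start + width)
    total = sum(counts.values())
    offenders = sorted(s for s, n in counts.items() if n > per_source_limit)
    if offenders:
        verdict = "single-source flood"   # one host alone exceeds its budget
    elif total > total_limit:
        verdict = "distributed flood"     # every host looks modest, the sum does not
    else:
        verdict = "normal"
    return {"verdict": verdict, "offenders": offenders,
            "total": total, "sources": len(counts)}

def make_traffic(sources, per_source, start=0, width=10):
    """Constructed sample traffic: each source sends per_source evenly spaced requests."""
    return [(start + i * width / per_source, src)
            for src in sources for i in range(per_source)]

# Constructed sample data (documentation and private address ranges, not real hosts).
USERS = [f"203.0.113.{i}" for i in range(1, 21)]
BOTS = [f"10.0.{i // 250}.{i % 250 + 1}" for i in range(300)]
NORMAL = make_traffic(USERS, 5)
DOS = NORMAL + make_traffic(["198.51.100.7"], 400)
DDOS = NORMAL + make_traffic(BOTS, 5)

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("DoS", DOS), ("DDoS", DDOS)):
        print(name, classify_window(sample, 0))
```

In the distributed sample no source exceeds its own limit, so a per-source rate limit alone would not flag it; only the aggregate count does.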
Permanent denial-of-service (PDoS), also known as phlashing, is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws that allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware.
DoS attacks can significantly degrade the service quality experienced by legitimate users, introducing large response delays, excessive losses, and service interruptions, resulting in a direct impact on availability.